Virtual private network management with certificates

US 20040093492A1
Filed: 11/13/2002
Published: 05/13/2004
Est. Priority Date: 11/13/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method for aggregating parameter information for a device to be associated with vertical private network (VPN), the method comprising:

receiving configuration parameters determined by a service provider supporting the VPN;

receiving configuration parameters determined by a customer associated with the VPN;

generating a VPN digital certificate including received configuration parameters; and

storing the generated digital certificate.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a secure definition of VPNs and configuration of devices that manage or handle these VPNs. The proposed invention provides a method to securely manage the definition of the configuration of the network devices in agreement with the above requirements for customers and providers, and provides, in addition, a method to perform the verification of implemented rules and parameters against stored and certified information. In the proposed method, digital certificates can be employed to define and certify configuration information.

271 Citations

13 Claims

1. A method for aggregating parameter information for a device to be associated with vertical private network (VPN), the method comprising:
- receiving configuration parameters determined by a service provider supporting the VPN;
  
  receiving configuration parameters determined by a customer associated with the VPN;
  
  generating a VPN digital certificate including received configuration parameters; and
  
  storing the generated digital certificate.
- View Dependent Claims (2, 3, 4, 5, 7, 8, 9)
- - 2. The method of claim 1 further comprising:
    - receiving an indication of customer approval for received configuration parameters determined by a service provider.
  - 3. The method of claim 2 wherein said receiving an indication of customer approval occurs prior to the generating of the VPN digital certificate.
  - 4. The method of claim 1 further comprising:
    - presenting the VPN digital certificate to a Certification Authority; and
      
      storing a pointer to the certificate.
  - 5. The method of claim 1 wherein the VPN digital certificate includes a plurality of fields including:
    - a public key associated with the device; and
      
      a set of configuration parameters associated with the device, including filtering parameters.
  - 7. The method of claim 5 wherein the configuration file information defined by the customer includes a set of commands and parameters corresponding to the VPN and the configuration file information defined by the provider includes a set of commands and parameters corresponding to multiple VPNs.
  - 8. The method of claim 5 further comprising:
    - generating configuration file information defined by a second customer in connection with a second VPN.
  - 9. The method of claim 5 further comprising:
    - generating a digital certificate including the generated configuration file information.

6. A method for establishing configuration parameters for a device for use in a vertical private network (VPN) associated with a customer, the VPN being administrated by a service provider, the method comprising:
- generating configuration file information defined by the customer;
  
  generating configuration file information defined by the service provider; and
  
  applying the generated configuration file information to the device.

10. A method for verifying configuration parameters of a device in a virtual private network (VPN), the method comprising:
- retrieving a log of configuration parameters from the device;
  
  retrieving a device VPN digital certificate having a definition of device configuration parameters; and
  
  comparing the retrieved log to the retrieved certificate.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10 wherein said comparing is performed by a customer work station.
  - 12. The method of claim 11 further comprising:
    - filtering data from the retrieved log to select a subset of file data; and
      
      forwarding the subset of the data from the retrieved log to the customer work station.
  - 13. The method of claim 10 wherein said comparing is performed by a service provider database;
    - and further comprising notifying a customer of the result of the comparing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Corporation (AT&T, Inc.)
Original Assignee
AT&T Corporation (AT&T, Inc.)
Inventors
Daude, Olivier, Le Pennec, Jean-Francois, Fieschi, Jacques, Galand, Claude, Hericourt, Olivier

Application Number

US10/292,820
Publication Number

US 20040093492A1
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 63/0227   Filtering policies mail mes...

H04L 63/0272   Virtual private networks

H04L 63/0823   using certificates cryptogr...

Virtual private network management with certificates

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

271 Citations

13 Claims

Specification

Use Cases

Quick Links

Others

Virtual private network management with certificates

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

271 Citations

13 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others